Privacy Policy
Effective Date: June 20, 2026
Our Sanctuary Commitment
At My Haven Wellness Centre, your confidentiality is our highest priority. We design our digital systems from the ground up to respect your dignity, secure your clinical data, and comply fully with local and international health regulations.
1Compliance & Governing Frameworks
My Haven Wellness Centre operates in strict compliance with the **Kenya Data Protection Act, 2019** as a registered data controller. Additionally, for clinical notes, diagnostic tracking, and practitioner records, we align our storage, encryption, and authorization systems with **HIPAA (Health Insurance Portability and Accountability Act)** security guidelines.
2What Information We Collect
• **Account Registration Info:** Full Name, Email address, Phone number, and County location provided during signup.
• **Wellness Discovery Data:** Information you share during conversation logs with the AI Wellness Companion (strictly used to suggest matching helpers).
• **Appointment Details:** Date, time, type (virtual/in-person), patient notes, and status of appointments scheduled on the platform.
• **Payment Logs:** Paystack reference IDs, payment methods (M-Pesa/card), and transaction status. We do NOT store your raw financial passwords or bank PINs.
• **Helper Applications:** CVs, professional licensing numbers, qualifications, and verification documents uploaded by helpers during network application.
3AI Conversations & Data Security
Our AI Wellness Companion is powered by **Google Gemini API**. Conversations with the AI are stored securely in your dashboard for reference. Key details (such as primary wellness symptoms) are processed to identify matching helpers.
Crucial Notice:
The AI Companion is **strictly non-diagnostic**. It does not make medical determinations. Shared messages are transmitted via secure HTTPS to Google endpoints for generation and are not used to train public models.
4Third-Party Services & Sub-processors
To deliver a secure and collaborative experience, we partner with verified industry leaders:
| Partner | Purpose | Data Transmitted |
|---|---|---|
| Supabase | Hosting & DB Storage | Encrypted user profiles, application data, session records. |
| Paystack | Gateway (M-Pesa/Card) | Email, amount, mobile phone number, billing refs. |
| Google (Gemini) | AI Wellness Matcher | Anonymized conversation turns. |
5Your Unalienable Rights
As a user of My Haven, you maintain complete autonomy over your wellness records:
Right to Access
Request a full export of all diagnostic notes and details.
Right to Segregate
Sever any helper access from your clinical record history instantly.
Right to Erasure
Request complete deletion of your account and files from servers.
6Contact Us & Data Controller
If you have any questions about this privacy statement, the handling of your patient records, or wish to execute your rights of deletion, contact our Data Protection Officer:
Email: privacy@myhaven.co.ke
Phone: +254 725 795 467
Office: Nairobi, Kenya